Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/dZLK6hyEY7rRoZE_JRdzp_qkEYY.roa
File: dZLK6hyEY7rRoZE_JRdzp_qkEYY.roa (raw, json)
Hash identifier: LCZquTtkeqfExEFMr1h3C06wA3WSAdQ7zPIY2vnhHR0=
Subject key identifier: 75:92:CA:EA:1C:84:63:BA:D1:A1:91:3F:25:17:73:A7:FA:A4:11:86
Certificate issuer: /CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Certificate serial: 018D30EBBB7E7600E6B5EE3041E289952A0C
Authority key identifier: 60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/dZLK6hyEY7rRoZE_JRdzp_qkEYY.roa
Signing time: Mon 22 Jan 2024 11:26:11 +0000
ROA not before: Mon 22 Jan 2024 11:26:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 46.235.15.0/24 maxlen: 32
2a00:9940::/29 maxlen: 128
2a09:2340::/29 maxlen: 128
2a14:2b80::/29 maxlen: 128
2a14:5c80::/29 maxlen: 128
2a14:6580::/29 maxlen: 128
2a14:7080::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 24 Jan 2024 11:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:eb:bb:7e:76:00:e6:b5:ee:30:41:e2:89:95:2a:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Validity
Not Before: Jan 22 11:26:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7592caea1c8463bad1a1913f251773a7faa41186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:72:ca:22:8e:de:4c:3d:f2:9a:b6:45:85:00:
53:90:45:6d:7e:09:7b:62:b2:50:41:bf:8c:06:2c:
ea:74:f5:47:c0:61:3d:52:de:95:fc:45:7f:d4:09:
e6:2b:87:f2:0a:99:b7:af:7d:8f:29:db:b0:cd:91:
62:56:34:3f:b7:65:fe:06:c4:71:58:e6:be:9c:e8:
a3:f4:c3:0f:51:cd:d0:cc:06:d6:7f:84:2f:92:8e:
8a:6b:4c:c3:1e:0e:4a:3f:ba:f2:45:d1:72:ce:b0:
9e:02:a0:ac:97:0e:e6:f9:f8:73:b2:a2:76:2e:aa:
a0:5c:28:ad:56:4e:85:5f:27:77:3e:5e:b3:19:9f:
ab:66:3b:af:2f:e0:bf:a1:b0:23:a5:af:0c:0f:b3:
ec:fb:35:28:9f:f4:8d:fc:aa:22:90:af:22:ca:7d:
5d:62:30:f4:54:39:75:f9:2d:2b:ea:e0:a8:2f:ce:
ac:ea:a8:5d:35:fd:8a:c4:87:b6:8a:59:cb:c5:08:
95:5c:29:d2:75:e6:d7:b6:f6:80:fb:62:fb:b2:34:
57:3e:bf:fb:13:23:fc:67:a9:80:d8:a6:e4:0b:f3:
77:44:3f:87:be:37:f9:7a:29:da:df:a2:f9:32:fe:
a4:99:bf:7e:82:bf:c9:73:bd:e2:c4:dd:31:e7:bb:
38:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:92:CA:EA:1C:84:63:BA:D1:A1:91:3F:25:17:73:A7:FA:A4:11:86
X509v3 Authority Key Identifier:
keyid:60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/dZLK6hyEY7rRoZE_JRdzp_qkEYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/YB3cYHmSY_-5vQ5e6whyhD3uanI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.15.0/24
IPv6:
2a00:9940::/29
2a09:2340::/29
2a14:2b80::/29
2a14:5c80::/29
2a14:6580::/29
2a14:7080::/29
Signature Algorithm: sha256WithRSAEncryption
5a:ab:42:f0:e2:1f:e9:ea:4e:30:ed:6b:b4:ff:f7:14:5b:a9:
ba:3e:2e:44:08:4a:52:fc:03:ba:8d:ff:bc:58:81:77:4b:d5:
c1:6a:94:d3:3a:1b:53:82:f4:1e:f0:84:35:74:ae:46:37:13:
ed:99:3e:a7:30:a5:85:05:ae:8f:d2:69:0a:31:a0:2c:14:07:
16:61:10:74:26:01:36:1c:83:31:ea:ec:42:1e:46:0b:d0:61:
43:52:3f:00:55:d6:25:57:b3:eb:52:c8:e8:b2:12:8d:6d:50:
7b:98:e4:44:e9:59:e8:e6:73:ea:38:e0:2d:36:df:2b:54:9f:
26:b0:4f:3b:b9:b4:f6:8a:ac:52:ee:80:f9:72:cc:d2:65:3d:
81:9f:47:77:6e:15:58:02:6b:c0:2b:28:af:17:99:3d:9f:24:
64:73:ad:de:17:d7:7c:e9:12:6e:e6:4f:9f:4b:5a:10:84:a3:
af:3f:1c:24:5b:97:c5:2f:78:3a:2c:bc:69:0d:c8:4b:5d:c4:
25:17:f2:32:fe:eb:8f:77:02:31:42:ff:e1:f1:22:f8:b7:d3:
36:46:98:43:c7:63:57:df:68:3f:fe:bd:64:48:6d:b0:40:f5:
6e:6c:69:1f:2c:3d:24:41:93:8c:3f:b3:3f:28:74:da:a4:0d:
b3:e4:7a:3c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY0w67t+dgDmte4wQeKJlSoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWRkYzYwNzk5MjYzZmZiOWJkMGU1ZWViMDg3Mjg0M2Rl
ZTZhNzIwHhcNMjQwMTIyMTEyNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTkyY2FlYTFjODQ2M2JhZDFhMTkxM2YyNTE3NzNhN2ZhYTQxMTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnLKIo7eTD3ymrZFhQBTkEVtfgl7
YrJQQb+MBizqdPVHwGE9Ut6V/EV/1AnmK4fyCpm3r32PKduwzZFiVjQ/t2X+BsRx
WOa+nOij9MMPUc3QzAbWf4Qvko6Ka0zDHg5KP7ryRdFyzrCeAqCslw7m+fhzsqJ2
LqqgXCitVk6FXyd3Pl6zGZ+rZjuvL+C/obAjpa8MD7Ps+zUon/SN/KoikK8iyn1d
YjD0VDl1+S0r6uCoL86s6qhdNf2KxIe2ilnLxQiVXCnSdebXtvaA+2L7sjRXPr/7
EyP8Z6mA2KbkC/N3RD+Hvjf5eina36L5Mv6kmb9+gr/Jc73ixN0x57s4zQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHWSyuochGO60aGRPyUXc6f6pBGGMB8GA1UdIwQY
MBaAFGAd3GB5kmP/ub0OXusIcoQ97mpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2Yt
MzY3ZTE3MGU3MTI4LzEvZFpMSzZoeUVZN3JSb1pFX0pSZHpwX3FrRVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2YtMzY3ZTE3MGU3MTI4
LzEvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAMBAIAATAGAwQALusPMDAE
AgACMCoDBQMqAJlAAwUDKgkjQAMFAyoUK4ADBQMqFFyAAwUDKhRlgAMFAyoUcIAw
DQYJKoZIhvcNAQELBQADggEBAFqrQvDiH+nqTjDta7T/9xRbqbo+LkQISlL8A7qN
/7xYgXdL1cFqlNM6G1OC9B7whDV0rkY3E+2ZPqcwpYUFro/SaQoxoCwUBxZhEHQm
ATYcgzHq7EIeRgvQYUNSPwBV1iVXs+tSyOiyEo1tUHuY5ETpWejmc+o44C023ytU
nyawTzu5tPaKrFLugPlyzNJlPYGfR3duFVgCa8ArKK8XmT2fJGRzrd4X13zpEm7m
T59LWhCEo68/HCRbl8UveDosvGkNyEtdxCUX8jL+6493AjFC/+HxIvi30zZGmEPH
Y1ffaD/+vWRIbbBA9W5saR8sPSRBk4w/sz8odNqkDbPkejw=
-----END CERTIFICATE-----
Generated at Wed Jan 24 16:05:59 2024 by rpki-client on console-fra.rpki-client.org